The Zelig of Hacking Back

Episode 215 of the Cyberlaw Podcast

|The Volokh Conspiracy |

Our interview is with Nick Schmidle, staff writer for the New Yorker. His report on cybersecurity work that goes to the edge of the law and beyond turns up some previously unreported material, including the tale of Shawn Carpenter, a cybersecurity researcher with a talent for showing up in all the best hackback stories.

In the news, Jamil Jaffer reports on domain fronting, a weird form of protection for people hiding the site they're connecting to behind some bland Google or AWS site. Some of those people are dissidents in authoritarian lands; many are authoritarian governments hacking secrets out of corporate networks. In any event, domain fronting is disappearing before it had even made an impression on the public's mind. I say good riddance, bolstered in my opinion by the wailing of professional privacy groups that, do I have to remind you?, don't care about your security at all.

The Supreme Court takes a case of great interest to social media and other tech firms who attract class actions. Jennifer Quinn-Barabanov explains the law and the likely outcome. I mostly quibble about how to pronounce "cy pres."

Move fast and break things probably isn't the best motto if the thing you're likely to break is, um, you. Megan Reiss talks about the death of Aaron Traywick, and the risks of bringing the hacking ethic to genetic engineering.

Europol and a host of allies were bragging last week about taking down ISIS's online recruiting and propaganda infrastructure. But this week they've had to admit that ISIS is back on line. Jamil and I talk about what lessons can be drawn from cyber-whac-a-molery.

For Chinese phone makers, it never rains but it pours. Fresh off a ban on Chinese phones from US military retail stores, there may be even more pain in the works for ZTE and other Chinese mobile infrastructure providers.

Finally, Megan Reiss and I dig deep into Rep. Ruppersberger's thoughtful take on cybersecurity, information sharing and DHS.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 215th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

NEXT: When Do Changes to a Web Page Restart the Statute of Limitations?

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. I say good riddance, bolstered in my opinion by the wailing of professional privacy groups that, do I have to remind you?, don’t care about your security at all.

    It’s really weird to hear someone claim that people who want strong encryption don’t care about security. I have no confidence in your competency in the area.

    1. I actually have perfect confidence in his competency in this area.

      This area being bullshit.

      1. No the area is not bullshit, it is protecting governments who actually are worried about your security to the extent a rancher or shepherd cares about the security of their cattle or sheep.

        There is the classic argument on whether one should put one’s faith in themselves and in one’s fellow free men and women, or whether one should put their faith in Princes. Mr Baker has clearly chose to pray for a good Tsar. Any reminders that of the good Tsar “his breath goeth forth, he returneth to his earth; in that very day his thoughts perish.” And then you have to pray for another good one.

        1. I meant that Baker’s area of expertise was bullshit, not that encryption is bullshit.

          Baker is a disgrace.

    2. For the few of us in the InfoSec profession that ever heard of Mr. Baker – no one respects or pays any attention to him. So don’t worry about him.

  2. I can’t believe that Stewart Baker is still allowed to post on Volokh Conspiracy. Do the founders just refuse to kick anyone out? I actually happen to agree that domain fronting shouldn’t be allowed, but Stewart Bakers take on it would be enough to make anyone who isn’t self informed think it’s a good thing.

    1. “I actually happen to agree that domain fronting shouldn’t be allowed”

      Why? HTTPS encryption currently protects the content of your communications but not the identity of the other party you’re communicating with. Isn’t protecting both WHAT you are saying and WHO you’re talking to important for privacy?

      1. It is important for Privacy, the argument is that its antithetical to security. And that in this case, security trumps privacy.

        1. “It is important for Privacy, the argument is that its antithetical to security.”

          The argument is that it is antithetical to the security of the state, not that it is antithetical to the security of the parties involved in the communication.

          “And that in this case, security trumps privacy.”

          No, it does not.

    2. I can’t believe that Stewart Baker is still allowed to post on Volokh Conspiracy.

      This blog’s purpose is to promote movement conservatism. Stewart Baker’s work seems congruent with movement conservatism.

      You didn’t fall for that ‘libertarian’ (or ‘libertarianish’) stuff, did you? A right-wing authoritarian is right at home at the Volokh Conspiracy.

      1. If it was simply his opinions I disliked, I could deal with it. It’s the lack of thought that I find so galling. So often he just doesn’t understand what he’s talking about. As an example, his entire take on encryption is just baffling, it’s like he doesn’t understand the technology.

      2. “Stewart Baker’s work seems congruent with movement conservatism.”

        No it isn’t. He was just as enthusiastic about expansive government power when Obama was in office.

        Baker is a Statist, left/right and conservative/progressive are irrelevant to him.

  3. I couldn’t disagree more with the criticism that Ms. Barabanov leveled against biohacking for inappropriately giving the vulnerable hope or putting them in the position of making a hard choice. If honestly communicating one’s belief about the potential for hope to the sick is unacceptable in the absence of extremely strong peer reviewed studies then I expect Ms. Barabanov to be going after churches next.

    Don’t get me wrong. I very much understand the danger of presenting the sick and vulnerable with biased info or false claims but there is no suggestions that biohackers are misrepresenting the risks involved or hiding the science. They simply present a personal view about how likely they feel a cure is to work with their reasons for believing it on display. Suggesting that the sick shouldn’t even be allowed to hear plausible theories as to how the safety requirements of medical regulation might be slowing a cure (or might be saving their lives) is the worst kind of paternalism.

Please to post comments

Comments are closed.